WSVuls is a simple and powerful command line tool for Linux, Windows and macOS. It's designed for developers/testers and for those workers in IT who want to test vulnerabilities and analyses website from a single command. It detects issues outdated software version, insecures HTTP headers, the long and useless requests
WSVuls can extract the following data while crawling:
- IP Address
- Ports
- Hex Headers
- Protocol Version
- First Byte
- Start Render
- FCP
- Speed Index
- LCP
- CLS
- TBT
- DC Time
- DC Requests
- DC Bytes
- Time
- Requests
- Total Bytes
- Resource
- Request Start
- Content Type
- DNS Lookup
- SSL Negotiation
- Error/Status Code
WSVuls can be launched using docker
$ git clone https://github.com/anouarbensaad/wsvuls
$ cd wsvuls
$ docker build -t wsvuls:latest .
$ docker run -it --name wsvuls wsvuls:latest -u facebook.com
Scan, Detect and get stats for a specific url
Examples:
To get stats from target url:
$ wsvuls stats -u facebook.com
To get map all requests:
$ wsvuls stats -u facebook.com --mapper
To detect a right ip address from cloudflare firewall:
$ wsvuls cloud -d facebook.com
by default use-proxy to bypass the limit rate.
Available Commands:
stats Get statistics of target website.
cloud Get the right data from cloudflare.
Flags:
-h, --help help for wsvuls